Private, Secure, Encrypted Email
If Your Email’s Not Private, What Good Is It?
In today’s business environment, data is increasingly at risk: From cyber threats like ransomeware, theft from vulnerable hacked servers, vendors who have access to systems, disgruntled employees, or even accidents like a lost device or laptop. How does an HIT director protect myriads of endpoints from intrusion. How does a Corporate Security Officer insure privacy, safety, and compliance? It all starts with having the right messaging platform.
What Is Private Email?
Many business professionals use popular free webmail programs such as YahooMail, Gmail, AOL or Office360. All of the free versions of these services generate advertising revenue by reading your personal and business mail and serving ads that are tailored to the content of your private email. This level of email service may be considered “secure” by many. And it is “encrypted”, but it is in no way private.
And as of 2017, changes to FCC law now allows networks like Verizon, AT&T, Comcast and other telecoms, who were thought to be at a disadvantage to the large internet companies like google, to have the same access to your data to read your confidential emails in order to serve ads. This means that not only are the email services you use online not private, but now the transmission along communication networks is compromised to prying eyes as well.
Your businesses’ sensitive communications and intellectual property require and deserve privacy.
What Is Encrypted Email?
Encrypted email is email that is contained behind SSL encryption (Secure Socket Layer), and this is one of five layers of protection that makes our secure email secure.
What Is Secure Email?
Secure email is email that is not obtainable by any means of intrusion. More that just “encrypted”, secure email must be unobtainable in order for it to be secure in the true sense. Think of Fort Knox. Is the gold in a vault? It certainly is (this is encryption). Is the vault in a secure facility that is locked down to everyone but the help. Most certainly (this is secure). Is the facility located on an impregnable military base protected by M-16’s, Tanks, and the US Marine Corp? That’s Dooth.
We provide businesses with fortress level privacy and security for corporate messaging and collaboration.
What Is HIPAA Compliant Email?
Unprotected PHI is all around us. If Protected Health Information (PHI) is shared in an email environment like that is not private, it is at risk of HIPAA violation. HIPAA complaint email must have four attributes in order to comply:
Must I Have a BAA With My Email Vendor to be HIPAA Compliant?
If a email outside of your EHR’s Patient Portal references a patient in a way that the sender or receiver can tell the identity of the patient in reference, then yes, a BAA must be in place with your technology provider to be in HIPAA compliance.
Must HIPAA Compliant Email Be Able To Produce a Audit Report?
If email is used PHI is contained in any inbound or outbound email, then yes, your email client or email program must be able to produce the audit report required by HIPAA guidelines on email, messaging and texting.
2018 Top 10 Best Secure Private Email
Dooth is a private Internet platform that extends the public Internet to offer secure and private email, instant messages, online calendars, online task managers, and file shares. Dooth are also developing a private wall-post, a private search engine, a private photo share, and many more features are in the making. Online activities on Dooth are private, protected with five levels of security:
- Encrypted Identity:
All your personal sign-up information is encrypted.
2) Encrypted Content and Storage:
All of your data are encrypted on top of encrypted storage
3) Encrypted Transmission:
All communication between your device and Dooth are encrypted.
4) You set your own “Crypt” key:
Third level user defined authentication; Create personalized “crypt” key to dual authenticate credentials to your account.
5) Recipient Authentication:
Sender defined recipient access key. No username and password or sign-up to access message.
Most importantly, Dooth has no ability to read your information. Quite frankly, we are not interested; it is not our business to read and track it to make money! In fact, Dooth is exactly the opposite. We want to give our users the privacy so no one can read and track it. Can the public Internet be just a ‘Dooth’ (a mere online messenger) and leave my messages alone? Unfortunately it cannot! The public Internet will continue to function as it works today because of how consumers pursue it, and online businesses that dominate public Internet commercialize it. The solution to this problem is not to change the public Internet, but rather to extend it with a private Internet to protect and safeguard personal and sensitive information and to keep it separate from our public Internet activities.
The founding team of Technologies AG (who met at CERN) created and launched ProtonMail on August 29, 2013 has grown into a global leader in online security. Today, they provide secure email to over one million users. In addition to headquarters in Geneva, Switzerland, they have support centers in San Francisco, CA, and Skopje, Macedonia. A global presence allows for 24/7 support and monitoring of mission critical applications for all customers.
CounterMail retroactively eliminates the use of “cookies” as to minimize your “trace” on the web. They don’t store their clients information on any one server; instead opting to store bits of encrypted information on a system of them to protect against data leakage. Nor do the servers log any of the IP addresses of it’s clients. With thee anonymous email header, the software removes the personal IP address from the header. Also, the attachments of your emails are stored in an encrypted form. None of your personal data or individual account data is ever shared to corporations or sold to advertising. All promised to be guarded by “strong open source algorithms.”
When you use Google services, Google may collect and process information about your actual location. We use various technologies to determine location, including IP address, GPS, and other sensors that may, for example, provide Google with information on nearby devices, Wi-Fi access points and cell towers.
Companies use the information Gmail will collect from all of our services to provide, maintain, protect and improve them, to develop new ones, and to protect Google and our users. Gmail will also use this information to offer you tailored content – like giving you more relevant search results and ads.
People have different privacy concerns. Gmail’s goal is to be clear about what information they collect, so that you can make meaningful choices about how it is used. For example, you can: Review and update your Google activity controls to decide what types of data, such as videos you’ve watched on YouTube or past searches, you would like saved with your account when you use Google services. You can also visit these controls to manage whether certain activity is stored in a cookie or similar technology on your device when you use our services while signed-out of your account. Review and control certain types of information tied to your Google Account by using Google Dashboard. View and edit your preferences about the Google ads shown to you on Google and across the web, such as which categories might interest you, using Ads Settings. You can also visit that page to opt out of certain Google advertising services.
5. Office 365
Microsoft-managed service-level security technologies and policies are enabled by default, and customer-managed controls allow you to customize your Office 365 environment to fit your organization’s security needs. Office 365 is continuously updated to enhance security.
Data you put into Office 365 belongs to you, that means you have complete control of it. Office 365 gives you extensive privacy controls and visibility into where your data resides and who has access to it, as well as availability and changes to the subscription service. If you end your subscription, you can take your data with you at any time.
Office 365 offers you the ability to enable and enforce multi-factor authentication for end users. As well as the use of their mobile app, phone call, and TXT message as secondary authentication factors.
Mailfence is a Belgian company, it cannot receive and has never received any US National Security Letters or FISA court orders. There are not any backdoors to be found in thier hardware or software. The starting package for Mailfence is the free plan. End-to-end encrypted code with a digital signature component and advanced key management for authentication of credentials. For further security the way their servers are set up, they don’t save any user data on any of the server hard drives. Then they add Perfect Forward Secrecy to protect your data from being compromised on the receiving end. There is a cellular add-on that lets you use their services for securing your text messages. In addition to everything else, Mailfence provides a web-browser function with thier HTTP Strict Transport Security algorithm that block your information from being read by anything other than the site your computer is talking to.
Tutanota offers an open webmail service that is very easy to use. Their design enables everybody to send secure messages. All the encryption is taken care of automatically in the background. Simply access your secure mailbox with your favorite web browser from any device. You can also use their mobile apps for Android and iOS. Your password easily unlocks your private key and your encrypted information on any device simply by logging in to your Tutanota account. Tutanota also lets you browse the web with relative safety from cookies and malware.
DIME is the platform that Lavabit operates off of. For Lavabit, DIME solves some security problems that they believe other companies let fall through their fingers. It’s the only automated, federated, encryption standard that works with different service providers while minimizing the leakage of metadata without a centralized authority.To support the DIME environment, they’ve created the Dark Mail Access Protocol—DMAP—and Dark Mail Transfer Protocol—DMTP—to replace IMAP. they’ve presented both protocols to the Internet Engineering Task Force for certification and adoption. DIME solves problems that plague legacy standards and combines the best of current technologies into a complete system. You get the greatest possible protection—and your email stays fast and easy to use. DIME lets you select the security level that meets your needs and matches your mindset: Trustful, Cautious, and Paranoid. The level you pick determines how your account operates, where encryption and decryption take place, where your private key is stored.
9. Protected Trust
Founded in 2003, Protected Trust began as an email hosting and cloud services company focused on helping governments store data and communicate securely. any small to medium sized business in high-compliance industries would benefit from Protectedtrust, furthering commitment to privacy, security and compliance from HIPAA, GLBA and SEC. Protected Trust also interfaces with Office 365 and has been a partner with Microsoft Office for the last 15 years; working to secure the apps within Microsoft office.There are 3 levels of accounts with Protected Trust:
- Guest Account
Communicate freely with business users
10 free secure emails to anyone
30-Day Message Retention
2) Trial Account
Business Account Features
Signup in 2 minutes
No credit card needed
3) Business Account
Administrator Control & Reporting
Compliance Ready (HIPAA, GLBA, SOC, & More)
The Virtru system consists of four components: Virtru client libraries that sit on the content creator’s device (typically a browser extension or plug-in), the Virtru Access Control Management (ACM) Server that provides key management and mediates policies, object stores that hold encrypted content, and receiving clients.
Virtru clients encrypt content on the device, keeping it encrypted until an authenticated party receives a key to decrypt. Third parties cannot access unencrypted content.
The ACM mediates several different types of policies, such as:
- Encryption key ownership
- Encryption key access
- Current access state (active or revoked)
- Access expiration
- Authorization to add others to the policy (disable forwarding)
- Content protection settings (watermarking, download disablement)